Commit Graph

2477 Commits (3e5b7ce323a7342bce235fe6f57b37fceacce113)

Author SHA1 Message Date
0x08 2c51f8ec00
Merge branch 'projectdiscovery:master' into patch-1 2022-09-12 15:22:21 +03:00
GitHub Action 724269bac5 Auto Generated CVE annotations [Mon Sep 12 11:34:28 UTC 2022] 🤖 2022-09-12 11:34:28 +00:00
Prince Chaddha 86d7f1b84a
Merge branch 'master' into patch-1 2022-09-12 16:56:13 +05:30
Prince Chaddha 9cad294004
Merge branch 'master' into patch-2 2022-09-12 16:41:45 +05:30
Prince Chaddha 56ec9d8200
Merge pull request #5339 from Akokonunes/patch-181
Create schneider-electric-pelco-videoxpert-core-admin-portal-lfi.yaml
2022-09-12 16:23:56 +05:30
Prince Chaddha 6b488e508b
Update videoxpert-lfi.yaml 2022-09-12 16:21:21 +05:30
Dhiyaneshwaran d04f55721c
Update videoxpert-lfi.yaml 2022-09-12 16:20:19 +05:30
Dhiyaneshwaran 0b062a58e8
Update videoxpert-lfi.yaml 2022-09-12 15:20:52 +05:30
Dhiyaneshwaran d1d0f8e65b
Update and rename schneider-electric-pelco-videoxpert-core-admin-portal-lfi.yaml to vulnerabilities/videoxpert-lfi.yaml 2022-09-12 14:03:36 +05:30
dave 2ad1894537 fix template description 2022-09-11 19:48:17 +02:00
GitHub Action a6dee5c3c4 Auto Generated CVE annotations [Sat Sep 10 02:12:57 UTC 2022] 🤖 2022-09-10 02:12:57 +00:00
MostInterestingBotInTheWorld 800648aa7e
Dashboard Merge Issues Resolution (#5337)
* Auto Generated CVE annotations [Wed Sep  7 15:59:37 UTC 2022] 🤖
* Fixed merge issues from previous PR
* moved vulnerabilities/wordpress/CVE-2019-10692.yaml to cves dir
* Fix CVSS information and other minor merge issues

Co-authored-by: Sullo <sullo@cirt.net>
2022-09-09 21:55:52 -04:00
sullo b65c24c45e
Normalization of Cross-Site Scripting names (#5329) 2022-09-09 23:04:37 +05:30
Moayad Almalat 10febf172b
update wp-sym404.yaml
Changed High to high, :) i.e. lowercase
2022-09-09 10:21:36 +02:00
sullo 0126f9426e
Replace google-dork with google-query in all templates (#5328)
* dos2unix to standardize line endings

* Replace google-dork with google-query
2022-09-09 04:09:14 +05:30
MostInterestingBotInTheWorld 554c11c57b
Dashboard Content Enhancements (#5324)
Dashboard Content Enhancements
* dos2nix on several templates
* replacing some cvedetails links with NIST
2022-09-08 09:28:46 -04:00
Ritik Chaddha 3cedf0bd5f
Update 3DPrint-arbitrary-file-upload.yaml 2022-09-07 11:29:34 +05:30
Ritik Chaddha 963ae9342c
Create 3DPrint-arbitrary-file-upload.yaml 2022-09-07 11:26:34 +05:30
Prince Chaddha b0aaf21c36
Merge pull request #5266 from projectdiscovery/update-generic-linux-lfi
Update generic-linux-lfi.yaml
2022-09-02 10:22:44 +05:30
Prince Chaddha f0d0eff9ca
Update generic-linux-lfi.yaml 2022-09-02 01:48:37 +05:30
Dhiyaneshwaran 5e0f3a4229
Update generic-linux-lfi.yaml 2022-09-02 01:42:47 +05:30
Prince Chaddha 20a8a768d7
Update thinkcmf-arbitrary-code-execution.yaml 2022-09-02 01:38:27 +05:30
Prince Chaddha 931ca5c86f
Merge pull request #5268 from projectdiscovery/generic-windows-lfi
Update generic-windows-lfi.yaml
2022-09-02 01:19:13 +05:30
Prince Chaddha 9044284100
Merge branch 'master' into fileupload 2022-09-01 16:21:29 +05:30
Ritik Chaddha 471ae0fdce
Update generic-windows-lfi.yaml 2022-09-01 14:10:45 +05:30
Dhiyaneshwaran ea617f1ca3
Update dixell-xweb500-filewrite.yaml 2022-09-01 01:38:57 +05:30
Dhiyaneshwaran b839a4cb52
Update powercreator-cms-rce.yaml 2022-09-01 01:38:38 +05:30
Dhiyaneshwaran 028974759f
Update core-chuangtian-cloud-rce.yaml 2022-09-01 01:34:08 +05:30
Dhiyaneshwaran 81111ebb5e
Update wordpress-rce-simplefilelist.yaml 2022-09-01 01:32:51 +05:30
Dhiyaneshwaran fc7afa9f73
Update ait-csv-import-export-rce.yaml 2022-09-01 01:30:11 +05:30
Dhiyaneshwaran 23c86be97b
Update oa-v9-uploads-file.yaml 2022-09-01 01:29:39 +05:30
Dhiyaneshwaran ab10ad02cf
Update zhiyuan-file-upload.yaml 2022-09-01 01:28:54 +05:30
Dhiyaneshwaran 48ae8a32ff
Update cisco-rv-series-rce.yaml 2022-09-01 01:00:07 +05:30
Dhiyaneshwaran 25b136bf87
Update dixell-xweb500-filewrite.yaml 2022-09-01 00:57:38 +05:30
Dhiyaneshwaran d1186e3718
Update ait-csv-import-export-rce.yaml 2022-09-01 00:57:03 +05:30
Dhiyaneshwaran 82a860e347
Update core-chuangtian-cloud-rce.yaml 2022-09-01 00:56:04 +05:30
Dhiyaneshwaran 00b623d6a3
Update zhiyuan-file-upload.yaml 2022-09-01 00:45:27 +05:30
Dhiyaneshwaran 1ae6897871
Update oa-v9-uploads-file.yaml 2022-09-01 00:41:57 +05:30
Prince Chaddha 3f7a72b318
Update wordpress-accessible-wpconfig.yaml 2022-09-01 00:05:57 +05:30
Ritik Chaddha 3a939783b8
Update generic-windows-lfi.yaml 2022-08-31 23:12:58 +05:30
Ritik Chaddha b34b02ebd4 Revert "Update generic-windows-lfi.yaml"
This reverts commit a3076a43ac.
2022-08-31 23:11:07 +05:30
Ritik Chaddha 8c20c20328 Revert "Revert "Update generic-windows-lfi.yaml""
This reverts commit 2d626ef0fe.
2022-08-31 23:09:04 +05:30
Ritik Chaddha 2d626ef0fe Revert "Update generic-windows-lfi.yaml"
This reverts commit a3076a43ac.
2022-08-31 23:08:24 +05:30
Ritik Chaddha a3076a43ac
Update generic-windows-lfi.yaml 2022-08-31 23:05:41 +05:30
Dhiyaneshwaran 2dea6ed916
Update generic-linux-lfi.yaml 2022-08-31 22:03:32 +05:30
Dhiyaneshwaran 234b6a417a
Update generic-linux-lfi.yaml 2022-08-31 22:01:15 +05:30
its0x08 d634bb63d7 chore: Add reference to the template 2022-08-31 00:02:32 +02:00
0x08 0ea1df844a
fix: Update the template to avoid false positives
While testing I got a false positive. The `phpinfo();` was one `index.php` and any parameter appended did not affect the output. So I got a false positive because the template tests for `phpinfo();`. So I propose that the test string is updated to something random and if there is execution the string will show on the output.
2022-08-31 00:03:36 +03:00
MostInterestingBotInTheWorld 36cf9b2f61
Dashboard Enhancements + Severity Matching (#5245)
Dashboard Enhancements + Severity Matching
2022-08-29 16:21:30 -04:00
GitHub Action bc21497f99 Auto Generated CVE annotations [Sat Aug 27 04:41:18 UTC 2022] 🤖 2022-08-27 04:41:18 +00:00
Prince Chaddha 9838347cc3
Merge pull request #5027 from akincibor/wp-enhancement
Update Wordpress templates: typo, cve-id, ref & remove dupe
2022-08-25 14:12:13 +05:30
Prince Chaddha 15dbade56b
Merge pull request #5191 from arafatansari/patch-70
Create gnuboard5-rxss.yaml
2022-08-25 12:39:34 +05:30
Prince Chaddha ff82f4311d
Rename vulnerabilities/other/gnuboard5-rxss.yaml to vulnerabilities/gnuboard/gnuboard5-rxss.yaml 2022-08-25 12:27:51 +05:30
Prince Chaddha 409b655062
Rename vulnerabilities/other/gnuboard-sms-xss.yaml to vulnerabilities/gnuboard/gnuboard-sms-xss.yaml 2022-08-25 11:58:06 +05:30
Prince Chaddha 080906ab35
Update and rename vulnerabilities/other/gnuboard5-xss.yaml to vulnerabilities/gnuboard/gnuboard5-xss.yaml 2022-08-25 11:57:28 +05:30
Ritik Chaddha 3497197092
Update gnuboard5-rxss.yaml 2022-08-24 12:29:34 +05:30
Ritik Chaddha f7e6c4d03d
Update gnuboard5-xss.yaml 2022-08-24 12:23:48 +05:30
Arafat Ansari f5a80bcfe3
Create gnuboard5-rxss.yaml 2022-08-24 00:36:54 +05:30
Arafat Ansari 7dfd3a4edd
Create gnuboard5-xss.yaml 2022-08-24 00:21:46 +05:30
HJLee 660e8d3214 Modify spacing between id and info 2022-08-22 16:17:05 +09:00
Prince Chaddha 6bded3407c
Merge pull request #5117 from projectdiscovery/thruk-xss
Update thruk-xss.yaml
2022-08-16 18:03:41 -07:00
Prince Chaddha 486845f91f
Update thruk-xss.yaml 2022-08-17 05:00:25 +04:00
Prince Chaddha d90538043f
Merge pull request #5104 from djoevanka/patch-1
Added concrete-xss
2022-08-15 15:23:44 -07:00
Prince Chaddha 7269960168
Delete concrete-xss.yaml 2022-08-15 15:05:45 -07:00
Prince Chaddha 9f5ebd2182
Update concrete-xss.yaml 2022-08-15 14:55:19 -07:00
Ritik Chaddha 962bd2a744
Update thruk-xss.yaml 2022-08-15 14:27:04 +05:30
djojoe 5a3a34e4e2
Create concrete-xss.yaml 2022-08-14 20:18:48 +07:00
Prince Chaddha 0bdb85d570
Merge pull request #5091 from arafatansari/patch-52
Create dzzoffice-xss.yaml
2022-08-13 21:45:36 -07:00
Prince Chaddha 3b5c473606
Merge pull request #5081 from arafatansari/patch-51
Create kavita-lfi.yaml
2022-08-12 16:33:40 -07:00
Prince Chaddha 000c7c42d6
Update kavita-lfi.yaml 2022-08-12 16:23:16 -07:00
Prince Chaddha 338271dd97
Update and rename reddittoprss-xss.yaml to reddittop-rss-xss.yaml 2022-08-12 16:16:37 -07:00
Ritik Chaddha 12a76141a2
Update dzzoffice-xss.yaml 2022-08-13 00:37:24 +05:30
Arafat Ansari dc778f626a
Create dzzoffice-xss.yaml 2022-08-12 23:41:26 +05:30
Ritik Chaddha 5c867517d0
Update kavita-lfi.yaml 2022-08-12 16:14:39 +05:30
Ritik Chaddha aa8da9ab43
Update reddittoprss-xss.yaml 2022-08-12 15:55:22 +05:30
Arafat Ansari 6b6e82d232
Create kavita-lfi.yaml 2022-08-12 12:41:00 +05:30
Arafat Ansari 4b007e87d2
Create reddittoprss-xss.yaml 2022-08-12 12:39:23 +05:30
Prince Chaddha 9f4e720ba5
Merge pull request #4991 from projectdiscovery/log4j
Log4j
2022-08-10 09:56:15 -07:00
Prince Chaddha b67e15d02e
Update vmware-operation-manager-log4j.yaml 2022-08-10 09:41:22 -07:00
Prince Chaddha 1623e617b9
Update vmware-nsx-log4j.yaml 2022-08-10 09:41:02 -07:00
Prince Chaddha 39b7f16853
Update vmware-hcx-log4j.yaml 2022-08-10 09:40:49 -07:00
Prince Chaddha ea0315c4f2
Update rundeck-log4j.yaml 2022-08-10 09:40:35 -07:00
Prince Chaddha df1984890a
Update metabase-log4j.yaml 2022-08-10 09:40:16 -07:00
Prince Chaddha 2836673718
Update jamf-pro-log4j.yaml 2022-08-10 09:40:00 -07:00
Prince Chaddha 8a17b91ddd
Update graylog-log4j.yaml 2022-08-10 09:39:30 -07:00
Prince Chaddha 064b49d115
Update cisco-vmanage-log4j.yaml 2022-08-10 09:39:00 -07:00
Prince Chaddha 66c68c63a4
Update cisco-unified-communications-log4j.yaml 2022-08-10 09:38:46 -07:00
Prince Chaddha c7b77ae818
Update vmware-operation-manager-log4j.yaml 2022-08-10 09:37:38 -07:00
Prince Chaddha fadf1ba975
Merge pull request #5005 from projectdiscovery/wp-blogroll-fun-xss
Create wp-blogroll-fun-xss.yaml
2022-08-10 09:35:43 -07:00
Prince Chaddha 6899066085
Update wp-blogroll-fun-xss.yaml 2022-08-10 09:32:23 -07:00
Ritik Chaddha 98f75b6390
Update and rename vulnerabilities/wordpress/wp-church-admin-xss.yaml to cves/2015/CVE-2015-4127.yaml 2022-08-10 15:01:50 +05:30
Ritik Chaddha 0ba0e74aa1
Update wp-ambience-xss.yaml 2022-08-10 14:50:05 +05:30
Ritik Chaddha 0bbe2ff881
Update wordpress-zebra-form-xss.yaml 2022-08-10 14:48:17 +05:30
Ritik Chaddha 9f0b259e75
Update wordpress-social-metrics-tracker.yaml 2022-08-10 14:45:01 +05:30
Ritik Chaddha 37c98909c9
Update w3c-total-cache-ssrf.yaml 2022-08-10 14:43:01 +05:30
Ritik Chaddha 0ebe9f0b8f
Update sassy-social-share.yaml 2022-08-10 14:38:35 +05:30
Ritik Chaddha d817811a58
Update nativechurch-wp-theme-lfd.yaml 2022-08-10 14:36:49 +05:30
Ritik Chaddha 61f94b90d8
Update eatery-restaurant-open-redirect.yaml 2022-08-10 14:32:39 +05:30
Ritik Chaddha 62f10760af
Update brandfolder-open-redirect.yaml 2022-08-10 14:27:59 +05:30
Ritik Chaddha 33d108ee76
Update advanced-access-manager-lfi.yaml 2022-08-10 14:19:57 +05:30
Ritik Chaddha 4c9182c73e
Update ad-widget-lfi.yaml 2022-08-10 14:18:06 +05:30
Ritik Chaddha 88f642a48a
Update wp-woocommerce-email-verification.yaml 2022-08-10 14:00:37 +05:30
Ritik Chaddha 8377f56550
Update wp-woocommerce-file-download.yaml 2022-08-10 13:58:11 +05:30
Prince Chaddha 518d92e567
Rename vulnerabilities/wordpress/wp-install.yaml to exposed-panels/wordpress/wp-install.yaml 2022-08-09 14:39:07 -07:00
Prince Chaddha 19b9eae7fe
Merge pull request #5018 from scent2d/CVE-2020-8772
Create CVE-2020-8772.yaml
2022-08-09 12:18:44 -07:00
Prince Chaddha 5dff73aec8
Merge pull request #5059 from pikpikcu/patch-335
Added webp server LFI
2022-08-09 12:02:17 -07:00
Prince Chaddha 60406e102f
Merge pull request #5055 from arafatansari/patch-48
Create yeswiki-sql.yaml
2022-08-09 11:47:41 -07:00
Prince Chaddha c69d94c158
Update yeswiki-sql.yaml 2022-08-09 11:43:33 -07:00
Prince Chaddha 473dbce6e6
Update yeswiki-sql.yaml 2022-08-09 11:41:09 -07:00
Prince Chaddha 6acbc4ed00
Merge pull request #5054 from arafatansari/patch-47
Create yeswiki-xss2.yaml
2022-08-09 11:38:41 -07:00
Prince Chaddha 8cf741bc67
Update yeswiki-stored-xss.yaml 2022-08-09 11:36:59 -07:00
Ritik Chaddha 9cde49ec96
Update webp-server-go-lfi.yaml 2022-08-09 16:25:59 +05:30
PikPikcU 9328ba3ee4
Create webp-server-go-lfi.yaml 2022-08-09 06:15:24 -04:00
Prince Chaddha b3e8664e2c
Merge pull request #5053 from arafatansari/patch-46
Create yeswiki-xss.yaml
2022-08-09 02:50:21 -07:00
Prince Chaddha 9ec1e497b3
Update yeswiki-xss.yaml 2022-08-09 02:47:08 -07:00
Prince Chaddha 7129ad3f4a
Update generic-j2ee-lfi.yaml 2022-08-09 02:36:13 -07:00
Prince Chaddha ef71f15309
Merge pull request #5050 from pussycat0x/master
CVE-2019-10692
2022-08-09 02:20:37 -07:00
Prince Chaddha c03b7f8448
Merge pull request #5038 from davidfegyver/j2ee-generic-lfi
Added generic J2EE LFI scan
2022-08-09 02:12:01 -07:00
Prince Chaddha 9dc980ad64
Update generic-j2ee-lfi.yaml 2022-08-09 02:09:46 -07:00
Ritik Chaddha 0590cc3c23
Update and rename yeswiki-xss2.yaml to yeswiki-stored-xss.yaml 2022-08-09 12:57:50 +05:30
Ritik Chaddha ca6611c9cf
Update yeswiki-sql.yaml 2022-08-09 12:02:17 +05:30
Dhiyaneshwaran 5c8f9cfdcf
Update yeswiki-xss.yaml 2022-08-09 07:40:54 +05:30
Arafat Ansari c0374e5993
Create yeswiki-sql.yaml 2022-08-09 02:41:34 +05:30
Arafat Ansari 8ec7755930
Create yeswiki-xss2.yaml 2022-08-09 02:40:20 +05:30
Arafat Ansari 0af2f4de1c
Create yeswiki-xss.yaml 2022-08-09 02:38:54 +05:30
Prince Chaddha 02e7097db5
Merge pull request #5041 from projectdiscovery/liferay-resource-leak
Create liferay-resource-leak.yaml
2022-08-08 13:08:22 -07:00
Prince Chaddha a7d1ffbefd
Update and rename misconfiguration/liferay-resource-leak.yaml to vulnerabilities/j2ee/liferay-resource-leak.yaml 2022-08-08 13:05:34 -07:00
Prince Chaddha bfaf4f5b6d Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into pr/4738 2022-08-08 11:28:46 -07:00
Ritik Chaddha 3ca2ec0945
Update CVE-2019-10692.yaml 2022-08-08 19:11:01 +05:30
Ritik Chaddha 3964e22f69
Update CVE-2019-10692.yaml 2022-08-08 19:08:44 +05:30
pussycat0x 383ed21913
Add files via upload 2022-08-08 18:36:30 +05:30
Ritik Chaddha 6106342ddf
Update generic-j2ee-lfi.yaml 2022-08-08 12:05:51 +05:30
Dhiyaneshwaran 6d7316db73
Update generic-j2ee-lfi.yaml 2022-08-07 20:50:32 +05:30
Dhiyaneshwaran d02893bba3
Update generic-j2ee-lfi.yaml 2022-08-07 20:47:49 +05:30
David Fegyver 8590b47416
Added generic J2EE LFI scan 2022-08-07 15:31:31 +02:00
Prince Chaddha 3950e8304c
Update wp-blogroll-fun-xss.yaml 2022-08-06 10:36:51 -07:00
Akincibor db12feeead Update Wordpress templates: typo, cve-id, ref & remove dupe 2022-08-06 19:19:49 +02:00
Akincibor db692605d4 Update Wordpress templates: typo, cve-id, ref & remove dupe 2022-08-06 18:54:58 +02:00
Prince Chaddha 9e4645961c
Delete wordpress-infinitewp-auth-bypass.yaml 2022-08-06 00:09:02 -07:00
MostInterestingBotInTheWorld b2e886f09b
Dashboard Content Enhancements (#5009)
Dashboard Content Enhancements
2022-08-05 09:57:51 -04:00
pussycat0x e9974fe5ad
Delete wp-revslider-release-log-detect.yaml 2022-08-05 18:46:53 +05:30
Prince Chaddha 708649c943
Merge pull request #5008 from projectdiscovery/omnia-mpx-lfi
Update omnia-mpx-lfi.yaml
2022-08-05 07:58:42 +04:00
Prince Chaddha 3ef2eea48f
Merge pull request #5004 from projectdiscovery/wp-avchat-3-xss
Create wp-avchat-3-xss.yaml
2022-08-05 07:57:58 +04:00
Prince Chaddha ae02b5bb2b
Update omnia-mpx-lfi.yaml 2022-08-05 07:57:03 +04:00
Prince Chaddha e2d0cfed57
Update and rename wp-avchat-3-xss.yaml to avchat-video-chat-xss.yaml 2022-08-05 07:54:15 +04:00
Prince Chaddha 5538c251dd
Update and rename wp-athlon-manage-calameo-publications-xss.yaml to calameo-publications-xss.yaml 2022-08-05 07:48:41 +04:00
Ritik Chaddha a73b7924f0
Update omnia-mpx-lfi.yaml 2022-08-04 23:53:04 +05:30
Ritik Chaddha 5d7f87b2ab Revert "Update omnia-mpx-lfi.yaml"
This reverts commit 03ae109555.
2022-08-04 23:52:03 +05:30
Ritik Chaddha 03ae109555
Update omnia-mpx-lfi.yaml 2022-08-04 23:47:18 +05:30
Dhiyaneshwaran 738df35bfc
Create wp-blogroll-fun-xss.yaml 2022-08-04 22:23:16 +05:30